Static task
static1
Behavioral task
behavioral1
Sample
deccf687de13f142c1241b1f6327e188d6c4763ea1036de4e414e131c73ca3d3.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
deccf687de13f142c1241b1f6327e188d6c4763ea1036de4e414e131c73ca3d3.exe
Resource
win10v2004-20230915-en
General
-
Target
deccf687de13f142c1241b1f6327e188d6c4763ea1036de4e414e131c73ca3d3
-
Size
3.3MB
-
MD5
5bb41148b47724fa6c8bebd82ce0670a
-
SHA1
0ac08f9c913c9a2abb53d9b58a85abef9a9f2726
-
SHA256
deccf687de13f142c1241b1f6327e188d6c4763ea1036de4e414e131c73ca3d3
-
SHA512
98bd83ca4cf8aa088b1ce83c833a7c28043ad4e2cbbe58e8a22b34103c5532345fe14aa3e612526559582ded0434b5133faf1992a50992674198d15a05f3be53
-
SSDEEP
98304:T/sO/6dcZx79FwRES1OxRHu0AVn3DLXYPHq:oVc/7XwCSKO04g
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource deccf687de13f142c1241b1f6327e188d6c4763ea1036de4e414e131c73ca3d3
Files
-
deccf687de13f142c1241b1f6327e188d6c4763ea1036de4e414e131c73ca3d3.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 4KB - Virtual size: 2.2MB
IMAGE_SCN_MEM_READ
VProtect Size: 616KB - Virtual size: 616KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
VProtect Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
VProtect Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
VProtect Size: 100KB - Virtual size: 100KB
IMAGE_SCN_MEM_READ